Lucene search

[email protected]NVD:CVE-2003-0780

HistorySep 22, 2003 - 4:00 a.m.

CVE-2003-0780

2003-09-2204:00:00

[email protected]

web.nvd.nist.gov

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.914 High

EPSS

Percentile

98.9%

JSON

Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.

Affected configurations

NVD

Node

mysqlmysqlMatch4.1.0

oraclemysqlMatch3.23

oraclemysqlMatch3.23.2

oraclemysqlMatch3.23.3

oraclemysqlMatch3.23.4

oraclemysqlMatch3.23.5

oraclemysqlMatch3.23.8

oraclemysqlMatch3.23.9

oraclemysqlMatch3.23.10

oraclemysqlMatch3.23.22

oraclemysqlMatch3.23.23

oraclemysqlMatch3.23.24

oraclemysqlMatch3.23.25

oraclemysqlMatch3.23.26

oraclemysqlMatch3.23.27

oraclemysqlMatch3.23.28

oraclemysqlMatch3.23.28gamma

oraclemysqlMatch3.23.29

oraclemysqlMatch3.23.30

oraclemysqlMatch3.23.31

oraclemysqlMatch3.23.32

oraclemysqlMatch3.23.33

oraclemysqlMatch3.23.34

oraclemysqlMatch3.23.36

oraclemysqlMatch3.23.37

oraclemysqlMatch3.23.38

oraclemysqlMatch3.23.39

oraclemysqlMatch3.23.40

oraclemysqlMatch3.23.41

oraclemysqlMatch3.23.42

oraclemysqlMatch3.23.43

oraclemysqlMatch3.23.44

oraclemysqlMatch3.23.45

oraclemysqlMatch3.23.46

oraclemysqlMatch3.23.47

oraclemysqlMatch3.23.48

oraclemysqlMatch3.23.49

oraclemysqlMatch3.23.50

oraclemysqlMatch3.23.51

oraclemysqlMatch3.23.52

oraclemysqlMatch3.23.53

oraclemysqlMatch3.23.53a

oraclemysqlMatch3.23.54

oraclemysqlMatch3.23.54a

oraclemysqlMatch3.23.55

oraclemysqlMatch3.23.56

oraclemysqlMatch4.0.0

oraclemysqlMatch4.0.1

oraclemysqlMatch4.0.2

oraclemysqlMatch4.0.3

oraclemysqlMatch4.0.4

oraclemysqlMatch4.0.5

oraclemysqlMatch4.0.5a

oraclemysqlMatch4.0.6

oraclemysqlMatch4.0.7

oraclemysqlMatch4.0.7gamma

oraclemysqlMatch4.0.8

oraclemysqlMatch4.0.8gamma

oraclemysqlMatch4.0.9

oraclemysqlMatch4.0.9gamma

oraclemysqlMatch4.0.10

oraclemysqlMatch4.0.11

oraclemysqlMatch4.0.11gamma

oraclemysqlMatch4.0.12

oraclemysqlMatch4.0.13

oraclemysqlMatch4.0.14

oraclemysqlMatch4.1.0alpha

conectivalinuxMatch7.0

conectivalinuxMatch8.0

conectivalinuxMatch9.0

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000743

lists.grok.org.uk/pipermail/full-disclosure/2003-September/009819.html

marc.info/?l=bugtraq&m=106364207129993&w=2

marc.info/?l=bugtraq&m=106381424420775&w=2

secunia.com/advisories/9709

www.debian.org/security/2003/dsa-381

www.kb.cert.org/vuls/id/516492

www.mandriva.com/security/advisories?name=MDKSA-2003:094

www.redhat.com/support/errata/RHSA-2003-281.html

www.redhat.com/support/errata/RHSA-2003-282.html

www.securityfocus.com/archive/1/337012

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.914 High

EPSS

Percentile

98.9%

JSON

Related for NVD:CVE-2003-0780

nessus4 debian1 cert1 openvas2 redhat1 osv1 cvelist1 cve1